chore: housekeeping — linter & formatter setup

Add .prettierrc.json, .markdownlint.json, .yamllint.yaml, .gitattributes
Run CSharpier, Prettier and markdownlint across the entire codebase.
No logic changes — formatting, using order and line endings only.

.gitea/workflows/security.yml

@@ -1,21 +1,20 @@
 name: Security
 on:
-  push:
-    branches: [main, master]
-  pull_request:
-  schedule:
-    - cron: '0 6 * * 1'
-  workflow_dispatch:
+    push:
+        branches: [main, master]
+    pull_request:
+    schedule:
+        - cron: "0 6 * * 1"
+    workflow_dispatch:
 
 jobs:
-  scan:
-    uses: JonKazama-Hellion/security-workflows/.gitea/workflows/security-scan.yml@main
-    with:
-      # MessageStore.cs uses string-interpolation in CommandText for table
-      # names and clause-joins that come from internal code constants, not
-      # user input. Values are bound via SqlParameter, the SQL surface is
-      # local-only inside a Dalamud plugin. Semgrep matches the pattern
-      # without dataflow, so it flags those eight call sites; CodeQL
-      # would not. Suppressed for this repo only.
-      semgrep-exclude-rules: 'csharp.lang.security.sqli.csharp-sqli.csharp-sqli'
-
+    scan:
+        uses: JonKazama-Hellion/security-workflows/.gitea/workflows/security-scan.yml@main
+        with:
+            # MessageStore.cs uses string-interpolation in CommandText for table
+            # names and clause-joins that come from internal code constants, not
+            # user input. Values are bound via SqlParameter, the SQL surface is
+            # local-only inside a Dalamud plugin. Semgrep matches the pattern
+            # without dataflow, so it flags those eight call sites; CodeQL
+            # would not. Suppressed for this repo only.
+            semgrep-exclude-rules: "csharp.lang.security.sqli.csharp-sqli.csharp-sqli"